'Session key invalid or no longer valid' notification issues

Hi there,

I’m currently having fun working my way through the text but have hit a wall on page 93, Sending Notifications.
I’ve implemented the attack_notification and send_attack_notification methods and have tried to get
notifications sent from and to my test Facebook users but I’m getting the following error:

facebook.notifications.send (0) Facebooker::Session::SessionExpired:
Session key invalid or no longer valid

How do I generate new session keys for my test Facebook users?
Any help appreciated.

Now I’m getting the following error:

facebook.notifications.send (0) Facebooker::Session::SessionExpired:
user_to_user notifications require a session

I’ve tried looking back over what I’ve done so far, but I guess I’m finding the
Facebook session stuff pretty confusing. Is no one else having similar session-related problems?

Have you used the application recently as the user who you are sending the notification from?

By default, Facebook sessions are only valid for about an hour from the time the user last uses your application. If you’re sending notifications via the web, this won’t be a big deal because each request renews the session. If you’re using script/console, you’ll need to make sure you visit your application in a browser once an hour or so.

Mike

Thanks very much for the reply, Mike.

I’m testing out all of my actions via the web (2 Facebook users running on web browsers on seperate machines),
and not by script/console.

I tried de-authorizing the application on both users and then re-authorizing it, and reloading the fixtures into the
development database to try and get a clean slate, but I still got the
user_to_user notifications require a session error. Checking out the users table under mysql, it seemed that the session_key value is always NULL when a new user is added.

After a bit of reading ahead, it seems that the issue was in the set_current_user method. Working on page 93,
my set_current_user method in app/controllers/application.rb still looked like it did when it was first
implemented on page 38 of the text:

def set_current_user
    self.current_user = User.for(facebook_session.user.to_i)
end

The above User.for method doesn’t pass in a second facebook_session parameter, so I guess that’s why I was
getting NULL session_key values. I cross-referenced the official downloaded code in
chapter3/karate_poke/app/controllers/application.rb and found there that the User.for method is passing in the second facebook_session parameter. Perhaps this is a printing error in the text?

Anyway, when I changed the code to how it is on page 125 below, the notifications got sent and I was able to view them as expected:

def set_current_user
  set_facebook_session
  # if the session isn't secured, we don't have a good user id
  if facebook_session and 
    facebook_session.secured? and 
    !request_is_facebook_tab?
      self.current_user = User.for(facebook_session.user.to_i,facebook_session) 
  end
end

Good find! As much as I’d like to claim it as a printing error, it’s more likely an author error. Can you add this as an errata at http://www.pragprog.com/titles/mmfacer/errata ? That will remind me to fix it if we do another release of the PDF.

Thanks and good luck with your application!

Mike

Thanks Mike! Errata has been submitted.

Hi Mike. When you have a minute, would you mind explaining the intricacies of the new ApplicationController#set_current_user , and why it’s necessary?

I looked through Facebooker’s RDoc and source, but there aren’t many comments to help piece it all together.

Thanks!
Nick

The set_current_user above is just used to find or create a User model for the current facebook session. The complexity comes from storing the session key if necessary. Having the session key allows us to access the REST API outside of a request for about an hour after the user visits our application. This can be useful if you are sending messages using some sort of delayed job API to take them out of the HTTP request flow.